From: Nikos Mavrogiannopoulos Date: Sun, 4 Jan 2015 21:43:00 +0000 (+0100) Subject: certtool: check for overflows when reading serial numbers X-Git-Tag: gnutls_3_4_0~396 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0177118d9f72a6531dccbfd6158089abec2ef0ab;p=thirdparty%2Fgnutls.git certtool: check for overflows when reading serial numbers --- diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c index 187d39cc89..06dcacf202 100644 --- a/src/certtool-cfg.c +++ b/src/certtool-cfg.c @@ -248,6 +248,20 @@ void cfg_init(void) s_name = 1; \ } +#if SIZEOF_LONG == 8 +# define CHECK_INT64_OVERFLOW(x) \ + if (x == LONG_MAX) { \ + fprintf(stderr, "overflow in number\n"); \ + exit(1); \ + } +#else +# define CHECK_INT64_OVERFLOW(x) \ + if (x == LLONG_MAX) { \ + fprintf(stderr, "overflow in number\n"); \ + exit(1); \ + } +#endif + #define READ_NUMERIC(name, s_name) \ val = optionGetValue(pov, name); \ if (val != NULL) \ @@ -410,6 +424,8 @@ int template_parse(const char *template) READ_NUMERIC("serial", cfg.serial); + CHECK_INT64_OVERFLOW(cfg.serial); + READ_NUMERIC("expiration_days", cfg.expiration_days); READ_NUMERIC("crl_next_update", cfg.crl_next_update); READ_NUMERIC("crl_number", cfg.crl_number);